X.Org Server Hit By Its Latest Batch Of Security Vulnerabilities

Written by Michael Larabel in X.Org on 14 December 2021 at 08:44 AM EST. 53 Comments
X.ORG
Given the age of the X.Org/X11 code-base security issues have become quite frequent. It was nearly a decade ago that the X.Org Server was considered a "security disaster" and a security researcher saying it's even worse than it looks. Today another batch of X.Org Server security vulnerabilities have been made public.

Four more CVEs were made public today around input validation failures in the X.Org Server that could lead to local privilege escalation. This is for cases where the X.Org Server is still running as a privileged process and supporting remote code execution for SSH X forwarding sessions.

The security issues involve out-of-bounds writes with different aspects of the X.Org Server around render, xfices, xext, and record code.
* CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access

The handler for the CompositeGlyphs request of the Render extension does not properly validate the request length leading to out of bounds memory write.

* CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access

The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write.

* CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access

The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write.

* CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access

The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write.

These latest vulnerabilities were found as part of the Trend Micro Zero Day Initiative. Fixes are pending in X.Org Server Git.

More details via the security advisory.

These security advisories do impact XWayland for which XWayland 21.1.4 saw an update this morning.
53 Comments
Related News
Open-Source Graphics DevRoom Returning For FOSDEM 2024
XWayland Now Allows For Better Choosing Between OpenGL & OpenGL ES
XWayland & X.Org Server See New Releases Due To Three More Security Vulnerabilities
X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2
Silicon Motion X.Org Driver Sees First Release In Six Years
XDC 2023 To Provide Update On AMD HDR For The Steam Deck, Rusticl & Wine Wayland
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
64-bit ARM Linux Kernel Against CPU-Specific Optimizations: "Pretty Unmaintainable"
Firefox 120 Ready With Global Privacy Control, WebAssembly GC On By Default
The Linux Kernel Preparing To Drop Infrastructure For Old & Obsolete Graphics Drivers
Firefox 121 Is Looking Good For Having Wayland Enabled By Default
Debian's MIPS64EL CPU Port Is At Risk Due To Declining Hardware Access
Lenovo Prepares The Linux Kernel For "Ultra-Performance Capability" On Latest ThinkPads
LACT Is The Newest AMD Radeon GUI Control Panel For Linux
TUXEDO Computers Launches First All-AMD Linux Gaming Laptop